If you've ever asked an analyst desk for an ESG report, you know the routine: a multi-week procurement cycle, a five-figure annual seat, and a deck that starts with "data as of two quarters ago." The proprietary part of that report is real — these firms employ skilled analysts, build curated taxonomies, and apply weighting frameworks that took decades to evolve. But underneath the proprietary layer is a much larger layer that isn't proprietary at all: the regulatory disclosures that companies are legally required to file.
For most decisions — vendor diligence, RFP scoring, supply-chain triage, peer benchmarking — the public layer is enough. Here's what's in it.
The four pillars of the public record
1. Environmental enforcement and emissions. EPA's Enforcement and Compliance History Online (ECHO) database aggregates Clean Air Act, Clean Water Act, RCRA hazardous-waste, and TSCA chemical filings for every regulated facility in the US. State agencies (TCEQ in Texas, CARB in California, DEC in New York) publish parallel datasets for state-level air permits, wastewater discharges, and hazardous-waste manifests. Federal greenhouse-gas reporting under 40 CFR Part 98 covers facilities emitting more than 25,000 metric tons of CO2-equivalent per year — that's roughly 8,000 facilities in the US, all searchable.
2. SEC filings. Public companies file 10-Ks, proxy statements (DEF 14A), and 8-Ks through EDGAR. As of fiscal year 2024, the SEC's climate-disclosure rule (subject to ongoing litigation, but with most large-accelerated filers complying voluntarily) requires Scope 1 + 2 GHG, climate-related risks material to the business, and board oversight of climate. Proxy statements disclose say-on-pay results, board independence, and compensation structure. 8-Ks capture material events — including environmental settlements, executive turnover, and cybersecurity incidents.
3. Workforce and labor. OSHA's establishment-search tool publishes workplace inspection records, citation history, and recordable injury rates (TRIR) for any establishment that's been inspected. NLRB filings are public — every unfair-labor-practice charge, representation petition, and election outcome. EEOC charge data and DOL Wage and Hour Division settlements are searchable. The Bureau of Labor Statistics publishes industry baselines for injury rates and turnover.
4. Litigation and enforcement. PACER hosts every federal court filing. State court records vary by jurisdiction but are generally available. DOJ press releases announce major settlements and consent decrees in plain English, often weeks before the filings show up in PACER. SEC enforcement actions are searchable on the Commission's litigation page.
What the public record doesn't cover
It's worth being explicit about the gaps:
- Private-company financial data. Without SEC reporting, you don't get audited financials, executive comp, or board composition. You get whatever the company chooses to publish in voluntary sustainability reports — which is often thin or marketing-flavored.
- Supply-chain tier-2 and below. A company's direct suppliers (tier 1) are sometimes disclosed; their suppliers' suppliers almost never are. Conflict-minerals filings under Dodd-Frank Section 1502 are the partial exception.
- Forward-looking targets vs. realized performance. Public filings show what happened. Pledges and net-zero targets show what's promised. Reconciling the two requires reading multiple years of filings together — exactly the kind of analysis an LLM does well.
- Privately negotiated settlements. Many environmental and labor disputes settle out of court with sealed terms.
Why a $99/mo product can match a $50K subscription for most use cases
The proprietary ratings firms add three things on top of the public record: (a) a normalized scoring framework, (b) analyst-curated narrative, and (c) historical depth. We replicate the first two with structured prompts against a strong language model that's trained on the same public corpus. We don't replicate the third — if you need 10-year time-series scoring with consistent methodology across vendor changes, you still need MSCI or Sustainalytics.
But for the question "what does the public record actually say about this entity, and how should I weight what I'm seeing" — that's a one-shot LLM analysis problem, and the LLM gets cheaper and better every quarter. The reason ESG ratings have been gated is that synthesizing this data used to require expensive analyst labor. It doesn't anymore.
How to read a WhatsMyESG report
Every signal in your report includes a source citation and a year. If we cite "EPA ECHO" with a 2023 data year, we mean: this finding is grounded in the publicly searchable EPA enforcement record as of 2023. If we cite "Alphabet 2024 Proxy Statement," we mean: this is on a specific page of that filing, and you can pull it from EDGAR yourself.
Where we mark a limitation — "Scope 3 supply-chain emissions data is limited" — that's the public record being honest about its own gaps, not the report being lazy. Score interpretation should always factor in the limitations callout.
The product is informational. It isn't investment advice, and it isn't a substitute for a fairness opinion or a Phase I environmental site assessment. It's a fast, structured read of what regulators and the company itself have already said in public — assembled in 30 seconds, costing about the same as a sandwich.
That's the gap we built for.